Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Worms Security

MyDoom Seeks to Destroy Antivirus Firms 284

Khoo writes "Worm writers are threatening to attack antivirus companies F-Secure, Symantec, Trend Micro and McAfee. In the latest version of MyDoom--MyDoom.AE--the authors embedded a message ridiculing rival worm Netsky and promising to attack the antivirus companies."
This discussion has been archived. No new comments can be posted.

MyDoom Seeks to Destroy Antivirus Firms

Comments Filter:
  • Ehh... (Score:5, Funny)

    by DreddUK ( 255582 ) on Tuesday October 19, 2004 @07:26AM (#10563776)
    Isn't this like the virus companies threating to shoot themselves....? Oh, hang on, they don't really write all the virii... :)
    • Re:Ehh... (Score:2, Funny)

      by pbranes ( 565105 )
      Hopefully these companies have some sort of antivirus protection installed on their workstations. It really is a good idea in this day and age.
  • Live Update (Score:4, Insightful)

    by UID1000000 ( 768677 ) on Tuesday October 19, 2004 @07:27AM (#10563780) Homepage Journal
    Maybe they can destory Live Update so that Symantec can finally create a copy that isn't a resource hog.... wait....

    *sighs*

    nevermind
    • Tell me about it....

      Ever since I installed NAV on an XP system I'm using, the boot time went from 30 seconds to well over three minutes. I swear it must scan EVERY file that gets opened, including the registry (which gets accessed a lot during a programming session).

      I can't remove NAV because it's not my PC and the owner doesn't want me to replace NAV with something else, like AVG or something.
      • Re:Live Update (Score:3, Informative)

        by PygmySurfer ( 442860 )
        What does that have to do with LiveUpdate? LiveUpdate is the service for downloading new updates, it has nothing to do with the actual virus scan.

        Sounds to me like you're talking about Norton AutoProtect, not LiveUpdate.
      • I swear it must scan EVERY file that gets opened, including the registry (which gets accessed a lot during a programming session).

        By default, NAV usually scans every file that gets touched. Dunno which version you're using, but buried somewhere in the settings should be a way to switch from "scan on access" to "scan on create".

    • This is actually a big problem... worms have successfully managed to DDoS some *major* sites.

      Now what if the target of a DDoS was AV companies live update servers?

      Anti-virus programs would not be able to download virus signatures against the new worms, making them ineffective unless manually updated. :o
  • Maybe Id care... (Score:4, Interesting)

    by TheRealMindChild ( 743925 ) on Tuesday October 19, 2004 @07:28AM (#10563789) Homepage Journal
    ... if all of these viruses were something more then a rip-off of a rip-off of a rip-off of someone elses code.
    • Open-Source at it's best
    • What's worse virus writers can reuse old code, or that MSFT doesn't really fix the holes, but just puts another piece of wallpaper up to keep out the rain & snow.

    • .. if all of these viruses were something more then a rip-off of a rip-off of a rip-off of someone elses code.


      Are they still dangerous?

      The Mother Of All Bombs the US had a few years ago is just a rip-off of a rip-off of a rip-off of an idea as well. They still go boom.

      If the virus is still dangerous, the fact that people can so easily recycle old viruses is way more disconcerting than simply deciding if it's not an innovative virus why fear it.

  • by Spydr ( 90990 ) on Tuesday October 19, 2004 @07:29AM (#10563796) Homepage
    Hey Netsky! Nice code, did your mommmy write it for you?!

  • think about it.... (Score:5, Interesting)

    by millahtime ( 710421 ) on Tuesday October 19, 2004 @07:29AM (#10563798) Homepage Journal
    Do you want to use the antivirus product of a company whose network goes down due to a virus?
    • by thrill12 ( 711899 ) * on Tuesday October 19, 2004 @08:29AM (#10564255) Journal
      I am just the average Joe, who is brainwashed by such renowned companies as Microsoft into believing that it is not the software companies that make the mistakes, but the people who make the things that cause the mistakes to trigger!

    • Would you hire a security company whose office broke down after 500,000 people started throwing rocks at it ?

      Yes, I would, it's nothing they could prevent.

    • by Tenebrious1 ( 530949 ) on Tuesday October 19, 2004 @09:21AM (#10564740) Homepage
      Do you want to use the antivirus product of a company whose network goes down due to a virus?

      Any company's computers, even the best AV writers, are vulnerable to 1st day infections. Any company could get slammed if an unknown virus is introduced directly into their networks. So what would matter to me is not that they were taken down, but how quickly they are able to get their systems back online. That's indicative of how quickly they can get updates online and out to the rest of us who may be suffering the same fate.

  • Time... (Score:3, Interesting)

    by zeropointentity ( 746750 ) on Tuesday October 19, 2004 @07:30AM (#10563803)
    Really was just a matter of time before an assault. It's a war. Virii vs. the White ('blood cell') Knights. The worst disease in the world is AIDS, not because it kills directly, but because it inhibits immunity entirely. After your anti-virus software is nuked, the most basic of hacks could nail your pc.
    • by Secrity ( 742221 ) on Tuesday October 19, 2004 @08:22AM (#10564194)
      This is the very reason why depending upon anti-virus software is dangerous. Anti-virus software causes people to become less careful about computer security. Becoming less careful about computer security because you have anti-virus software is something like driving less carefully because you believe that airbags will keep you safe in the event of a car accident.
      • Becoming less careful about computer security because you have anti-virus software is something like driving less carefully because you believe that airbags will keep you safe in the event of a car accident.

        But Air Bags can save your life, I don't feel right riding in a car without a full set. While some people who use Anti-virus may use their systems uwisely, I however suspect that most people who take the time to install, buy and update the license, are more aware of the problem, not less. The real pr

      • I occasionally make use of a virus scanner when I have questions about a particular file from an untrusted source. The rest of the time, the scanner doesn't run, no auto-protect needed. Often there isn't even one installed on any of my machines, it's just pointless. When people ask me what I use for virus protection I point to my head, but that's where the conversation gets tricky. I wind up recommending NAV or PC-Cillin because the subject of careful computing goes a lot deeper than "don't just click on ev
  • Destroy ?? (Score:5, Insightful)

    by MHleads ( 751029 ) on Tuesday October 19, 2004 @07:32AM (#10563813)
    The only way to destroy Anti-virus firm is to stop writing viri. The more the viri, the more $$$ for AV companies.
    • But then, we would let the terrorists win! Oh, wait...
    • If a handful of major governments would just post some big bounties for these idiiots, the problem would oson solve itself.
    • Re:Destroy ?? (Score:4, Insightful)

      by Anonymous Coward on Tuesday October 19, 2004 @11:17AM (#10566232)
      They already stopped writing "viri" and "virii", because most people who aren't affecting some ridiculous air of pseudo-intelligence write viruses instead.

      Anyway, true viruses are damn hard to find nowadays. Most AV programs protect against trojans and worms, not file-infecting viruses. Any AV company worth a damn has turned into a general security company (take note that symantec also owns bugtraq, for example). Long as people break into places, we're going to have locks....
  • by Delirium Tremens ( 214596 ) on Tuesday October 19, 2004 @07:34AM (#10563829) Journal
    Maybe, just maybe, we should not give those guys any free publicity... Wouldn't this actually be a good news to skip and left untold?
    We don't really want to boost the ego of those jacks, do we?

    And hopefully, Taco won't repost the same story in a few days...
    <sarcasm/>

    • We don't really want to boost the ego of those jacks, do we?

      Frankly, if this is all it takes to boost their ego, then so be it. I'd rather boost some moron's ego and have the privilege to read my daily techno/geeky news than to have it censored so as to not offend anyone.
    • No, this wouldn't be a good news story to skip. This is very much a newsworthy story (at least for tech related news). A good portion of the population depends on AV companies to protect, prevent and/or repair their computers from viruses, worms & other malware. If a credible(?) threat is made against them then keeping those most likely to get asked "Why won't my virus program update?" in the loop is better than keeping them in the dark.
  • I seriously doubt Virus company write their own virus and release into the wild. There are enough virus already. They could hardly keep up. What I worry most is not about the attack toward the anti-virus company, all the anti-virus provider have to do is to set up temporary ip to dodge any Live update DoS. Similar to what Microsoft have done in the past. However, What sort of signal is this sort of news giving to the rest of the coder? Making virus make you more powerful? I have heard somewhere that if you
    • I bet a ninja could stop your alliance of unstoppable destructive machines.

      Thats because Ninjas have Real Ultimate Power.

      Now, if a virus could somehow enact the power of 10,000 ninjas on the internet, then it would be unstoppable, they would all go and stab your webserver in the eye, and they wouldn't even flinch.

      [/tongue_in_cheek]

      Back in reality, I'm watching out for the lower level Router attacks, or an attack of some type on the DNS roots. Whilst we believe we have the infrastructure to cope, I beli
  • by Badgerman ( 19207 ) on Tuesday October 19, 2004 @07:36AM (#10563847)
    I think it's time to panic. We know virus writers always tell the truth and would never engage in deception or hyperbole. Therefore this must be true.

    I reccomend we immediately declare western civilization over to beat them to the punch.

    There, got my sarcasm out for the day. Now to go to work and refuel it.
  • Virus Facts (Score:5, Informative)

    by Himring ( 646324 ) on Tuesday October 19, 2004 @07:48AM (#10563929) Homepage Journal
    I'm not sure those bigger AV companies will be able to protect themselves. They are slow in responding to threats much less threats against themselves.

    I put together this report for our project team recently. The sources are MCI, Verisign, et al (mostly, esecurityplanet.com article -- yes, google makes reports easy/fun).

    Wait time for AV fix
    (source: http://www.esecurityplanet.com/views/article.php/3 316511)
    Below marks the average wait time from release of virus to each company providing definitions to find/clean

    H:M Anti-Virus Program
    06:51 Kaspersky
    08:21 Bitdefender
    08:45 Virusbuster
    09:08 F-Secure
    09:16 F-Prot
    09:16 RAV
    09:24 AntiVir
    10:31 Quickheal
    10:52 InoculateIT-CA
    11:30 Ikarus
    12:00 AVG
    12:17 Avast
    12:22 Sophos
    12:31 Dr. Web
    13:06 Trend Micro
    13:10 Norman
    13:59 Command
    14:04 Panda
    17:16 Esafe
    24:12 A2
    26:11 McAfee
    27:10 Symantec
    29:45 InoculateIT-VET

    The averages vary from about 7 hours per virus to more than one full day (almost 30 hours). It's important to note two things about the figures in the table above:

    Some of the programs were able to detect some of the viruses in the testing period heuristically -- without needing an update. Ikarus, Quickheal, and Virusbuster were able to do this with the Dumaru.Y virus, whereas Norman and RAV were able to do it with Bagle.B. In those cases, the anti-virus program was assigned a response time of zero for that one virus. This reduced those vendors' average response times.

    On the other hand, A2 had not posted a signature for the Bagle.B virus within three days, when the test period ended. This program, therefore, was assigned a response time of 35 hours in this instance. If this virus had not been considered in the statistics, A2's average response time would have been reduced to 15:26 rather than 24:12.

    Hours to saturation/Dollar damage done by:

    Klez 2.5 hours $9B
    Sobig 10 hours $14B

    2003 overall virus damage $89B

    Average cost to patch and protect one workstation (includes AV, PM & FW): $234.

    Global spam decreased in August 2004 due to hurricanes (FL is the largest producer of global spam).
  • Why hadn't this happened sooner (if it really does happen)? I know companies like Microsoft and SCO are understandable targets fir these cretin, but wouldn't you think that their natural enemy would be the anti-viri firms? If this does come off, am anxious to see what the reaction is.
    • It's interesting that them writing more viruses to attempt to hurt their enemy actually helps their enemy, more viruses=more sales. Different for entities like MS, if I convert a person to Linux, that doesn't help MS......
    • This has been around (in one form or another) since the beginnings of AV software.

      I wish I could remember the exact virus (anyone?), but there were several that would specifically try to infect a machine and disable anti-virus software from various venders, thus rendering the machine vulnerable to other virus attacks.

      If my memory of timeframe serves, this was a problem in Windows 3.1 and 95... so, we're talking "old news" about targeting AV firms (in a sense).

      I seem to recall there being DDOS attacks aga
  • Mydoom... (Score:3, Interesting)

    by 2$ Crack Whore ( 813937 ) on Tuesday October 19, 2004 @07:53AM (#10563970) Homepage
    I read somewhere that MyDoom was named because the virus when viewed in an ASCII viewer contains an amount of freetext that was meant to say 'mydomain' but instead it was mis-spelt in the virus to say 'mydoomain' - hence MyDoom.
  • Let's see here, if you go for the old tin-foil belief that the virus companies write the virii to create a need for their software, and the attacks are real... Hmmm.

    F-Secure: Check
    Symantec: Check
    Trend Micro: Check
    McAfee: Check

    So that leaves... grisoft, Avast, and a couple dozen smaller companies. It's a conspiracy! THE BASTARDS!

    ~D
  • Mild threat (Score:2, Insightful)

    by tmoore09 ( 815119 )
    The threat of a DOS attack is quite mild to actually writing truly malicious code. Something along the lines of repartitioning the harddrive and reformat the drives upon reboot. The viruses that we have seen have been mainly to slow or disconnect the victim from the network. I feel there could be worse scenarios that could happen besides what we have seen thus far.
    • Re:Mild threat (Score:5, Insightful)

      by Patrik_AKA_RedX ( 624423 ) on Tuesday October 19, 2004 @08:46AM (#10564407) Journal
      A DOS-attack isn't "quite mild" when your business depends on your internet connection (e.g. Amazone). Not to mention the bill for all that extra traffic.
    • the "problem" is that to be efficient, a virus needs to preserve the host. The reformatted machine is useless for prolifiration of the virus because it no longer runs it. The "best" viruses [screw grammar] are the ones to strike perfect balance between the reproduction and doing damage to the host.
      • In a strange way, this is why AIDS is so devistating in the real world. A virus that simply made you explode when infected would be short lived (or instantly formatting your hard drive in the computer world), but a virus that can go virtually undetected because of a lack of symptoms for years while it spreads to others, has a better chance of replicating itself onto as many hosts as possible.

        You are correct, the most successful organisms (worms/viruses in this case) preserve the host in order to spread, w
    • A virus that destroys a computer quickly is also a very poor vector, because it doesn't live long enough to infect others. The most explosive viruses have been ones that did no other damage than to reproduce. Of course, this causes DoS's on networks, but the computer is still happily infected.
    • Re:Mild threat (Score:2, Interesting)

      by Daedala ( 819156 )
      There are worse threats. Right now, virus writers seem to be distracted by the easy money from spam, botnets, etc. I'm not sure this is bad. I think I'd rather be cluttering the net with more spam than rewriting my hard drives. Fortunately, my sistem has been, if not hardened, at least pretty thoroughly gelled.
  • Maybe if we gave the virus writers what they want they will leave us alone. I tired of the senseless mass killing of computers... you'd think they were doing this for fun.
  • by jellomizer ( 103300 ) * on Tuesday October 19, 2004 @08:05AM (#10564059)
    Just so they can use their produts to protect themselfs from viruses. I would trust an Anti-Virus Company more if they were runinning OpenBSD or some other Secure OS. Yea sure they make anti-virus for windows but that is because they know that windows is insecure. Becideds if someone wants a virus to spread they just kill the updates for the anti-virus.
    • Sorry to say, but there's absolutely nothing in your post that makes sense. Not trusting a company because of the OS they run?

      And: 'because they know that windows is insecure' ?? Windows isn't any more insecure than your favorite BSD or Linux distro. It's how it's configured that makes it secure or not.

      'if someone wants a virus to spread they just kill the updates for the anti-virus' : oh yeah, why didn't they think of that before? I have no idea how you plan to 'kill' the update though, since that's dif
      • And: 'because they know that windows is insecure' ?? Windows isn't any more insecure than your favorite BSD or Linux distro. It's how it's configured that makes it secure or not.


        Right, if Windows is configured to not run any services and not be on the network it's C2 secure.

        If you do any of those things it contains many network-exploitable 'root-level' vulnerabilities. Even if you follow the 65-page NSA documents on how to secure Windows.

        As shipped, OpenBSD has had only a couple of these in the past se
  • by crawdaddy ( 344241 ) on Tuesday October 19, 2004 @08:09AM (#10564091)
    So much for the traditional arguments made by virus writers that they're trying to force better security practices. Either that, or running anti-virus software isn't considered a security practice by virus writers.
  • Diversion (Score:3, Informative)

    by aralin ( 107264 ) on Tuesday October 19, 2004 @08:11AM (#10564109)
    Pardon me, for being sarcastic and a little paranoid, but if would be a anti-virus company creating more work for myself and more dough for my shareholders by letting out occasional virus out, there would be no better diversion than aiming at destroying myself and taunting other virus writters so they write more and better the next time.

    Nah, ... maybe I am too paranoid, this time...

    • Maybe not too smart either.

      There are plenty of new viruses out there all the time. There is plenty of attention to the nastiness out there, which is good for the market. So some company would tweak their tool so it adds a tiny bit to the general insecure situation.

      They'd have to arrange for internal secrecy so few people get to know the issue.

      They're ready to take a hit when the next guy does a comparative batch test for viruses and declares their product unsafe.

      They can't leave a paper/email trail so
  • by Gary Destruction ( 683101 ) * on Tuesday October 19, 2004 @08:21AM (#10564185) Journal
    If the MyDoom writers want to mess up antivirus companies, why don't they just do it and be totally quiet about it? The only thing worse than an attack is one that you don't see coming. To top that off, they could have made a different virus to attack antivirus firms and make the antivirus firms think it was the netsky writers that did it. And then someone could make a movie about it and play it on TNT because they know drama.
    • If the companies got hit and hurt it'd be embarrasing; but, soon enough people would say, "Well, it can't be helped. Nobody is perfect ...etc"
      Now, if you make a big deal out of "warning" the companies, and then hit and hurt them ... that's WAY more embarrasing. No?
  • by wimbor ( 302967 ) on Tuesday October 19, 2004 @08:26AM (#10564233)
    Sometimes I wonder if it wouldn't be cheaper to just revamp the whole IT infrastructure.

    Let's say all companies in all countries, the governements and the IT suppliers join hands and pay into one large "IT fund" or donate research time and development for a joint new technology.

    At the same time governements all over the world passes legislation to increase the reponsibility of IT vendors like e.g. Microsoft (faster bug fixes required by law, free bug fixes, longer free support, better en safer Windows code, ...) and up-to-date legislation to procecute virus writer and so on.

    We use these measures to:

    1) Get rid of x86/WinTel and all its legacy technology and software (no more ISA, no more IRQ, no more Win/DOS compatibility, ....) and move to something decent (PowerPC? Heck, even MS goes to PowerPC for the future XBOX, so why not for PC's...)

    2) Get rid of Windows altogether and create a decent replacemnt for it without legacy and backwards compatability

    3) All governements by Apple Machines and Mac OS X at huge discounts: already a huge step forward in security of our personal information and files.

    I think this would enhance competition, drive the economy forward, foster future new developments and maybe get rid of monopolies and get decent competition in the IT market... and be a lot cheaper than the combined cost of all anti-virus licenses, and hidden costs of lost productivity and fall-out of current attacks...

    I know... I know... I'm dreaming eh... Some forces would be against this... Damn....
    • Some forces?

      Yeah, like me. I don't particularly feel like replacing all my existing hardware and software, thanks. Even if I could, which would imply millions of developer hours spent on porting.

      You're not dreaming, you're having a nightmare.


  • Sounds like the virus was written to help the antivirus companies justify their existence.

    Hackers are stalking your children online...

    Booga booga!
    • Wow this is too good to be true. If Symantec and Mcafee goes to hell, then windows too might be in jeopardy. The OS is already until attack from spyware and adware to every degree.

      Is 2005 the year linux rules the corporate world? 2006? I don't know about ruling at home since games are still a factor.

  • by Anonymous Coward on Tuesday October 19, 2004 @09:21AM (#10564737)
    A virus that performs a Denial of Service attack against the "automatic update" servers used to keep the client av software up to date?

    You then have a virus that is attacking the 1 thing that can "defeat" it, thus the virus "wins" as it has effectivly knocked out the source of the antidote (providing the virus is able to spread at a very fast rate for the initial 12 or so hours).

    There is quite a lot of research on the web regarding the speed at which viruses spread and the # of hosts infected in the first X hours, which makes for interesting reading.

    To do it properly the virus shouldnt have any hardcoded IP addresses or domain names but instead seek the server name(s) from the (registry|av-binary|where ever it is stored). Other virus have failed in the past because l33t master coders were stupid enough to hard code a list of IP addresses.

    A fast spreading virus that could do as described IMO would be a truely "successful" ground breaking virus, and it would certainly be interesting to see how the AV companies react to that.

    (Im NOT suggesting, nor encouraging it to be done, just looking at an idea from a problem solving / technical implementation POV).

    Jason
  • Comment removed (Score:5, Informative)

    by account_deleted ( 4530225 ) * on Tuesday October 19, 2004 @09:47AM (#10565020)
    Comment removed based on user account deletion
  • So there! (Score:2, Funny)

    by Anonymous Coward
    My Doom3 is better than your MyDoom! Nyeah!
  • by DroopyStonx ( 683090 ) on Tuesday October 19, 2004 @10:10AM (#10565345)
    These viruses/worms don't do a damn thing.

    You know what would be a great virus/worm? One that totally fucks up the partitions on your hard drive forcing you to reformat and lose all your data.

    Now THAT would be a funny virus. Imagine that getting spread across corporate america... you think it cost a lot to take 3 minutes out of the day to update virus defs and do a scan? Wait till you need to take hours out to reformat and reinstall.

    These are what worms/viruses should be. Not this "Hacked by chinese" bullshit.
    • That is also the reason no such viruses infect computers on a large scale - just like parasites in the nature. A parasite that kills it's host and prevents it from spreading will in effect limit it's own spreading of genes/offspring... Now, a virus that spreads epidemically like the recent ones has, and at a given point destroys boot sectors or partition tables, now that would be funny..
  • And are promising to attack the antivirus companies

    Let's hope the folks McAfee are smart enough not to open an email attachment from freehotchicks@VxIxAxGxRxA.com

  • by gd23ka ( 324741 ) on Tuesday October 19, 2004 @11:52AM (#10566680) Homepage
    Thoughts and musings on how to release malicious code onto the internet while being physically present in a state hostile to the United States of America and targetting assets of that hostile state, causing a maximum of damage while making it nearly impossible to be traced or identified.

    First of all, access to the internet has to be completely anonymous. Many people have used their personal internet access or the one at work. Malicious code _will_ be traced back to the orginating internet access by security agencies of states hostile against the United States of America.

    Anonymous access to the internet is easily possible from:
    a) unsecured wireless access points
    b) internet cafes

    Since many public and private places in states that are hostile to the United States are nowadays under 24h covert video surveillance, unsecured wireless access points are safest. The safest way to use an unsecured access point would be from a car travelling at the maximum speed possible for a notebook on board to find a path through an unsecured access point to the internet. The malicious code package however should not be released directly to the internet but onto the first vulnerable system after the AP that has access to the internet. When using the AP the physical MAC-address of the wireless adaptor must not be used for obvious reasons, the card should be programmed with a new MAC-address. After releasing the malicious code package the notebook should immediately securely erase all traces of the malicious code package, the delivery system and the secure eraser. The secure erasure of the mentioned components should also be triggerable by a single keypress. The notebook should be kept under sufficient power and in a state where secure erasure can be triggered at all times (disable screensaver, power low standby etc.). The secure erasure should also be triggered when the notebook is about to enter a state where the secure erasure can not be triggered and completed (low power, etc.). The notebook should not be hooked up to the car's battery nor should any antennas or fixtures be evident that reveal the notebook is being actively used in the car. The warmth of the notebook in operation is not explainable therefore appropiate navigational software and a GPS mouse should be present. It is important to avoid areas where the car could leave identifiable tire tracks. If possible avoid entering zones of known video surveillance or zones where searches by hostile forces can be expected. I know this sounds paranoid but shit happens.

    The malicious code should be wrapped into an installer that hides the malicious code onto the first vulnerable target after the access point for a period of at least six days and release the malicious code to the internet preferably on the evening of the friday following the minimum six days.

    All code, excluding the delivery system and secure erasure code, should hide on the system using state of the art techniques (filesystem filters, hooking registry access, manipulation of NT kernel data areas).

    If the malicious code happens to be a worm, a very slow rate of infection is advised as well as a novel vulnerability being exploited. This is in the hope that the worm will over months penetrate into sensitive intranets without being discovered. As the clock of a given node can not be depended on for accurate time/date information the worm instance should not rely on it to measure time. Instead time should be measured by cpu cycles, poweron/poweroff cycles etc. Systems belonging to a state hostile to the United States of America can be recognized through characteristics discovered through prior intelligence.

    All development and testing that takes place while located in a state hostile against the United States of America should be confined to one system. Backups must use state of the art encryption must be accounted for and be destroyed after being superseded. If you (unwisely) choose to keep the final version of the code after the attack, encrypt it with a xor of r
    • I know this sounds paranoid but **** happens.

      Yeah, well, you are talking about regimes where the consequences of being discovered are a certain and painful death, I think being paranoid is probably pretty good advice...

      But XORing against a random byte stream is not very good advice, because it is much more difficult than you might expect to generate such a random byte stream. Hint: The random number generator that comes with your compiler is not good enough.

Do you suffer painful hallucination? -- Don Juan, cited by Carlos Casteneda

Working...